Cybercriminals launched a serious attack on the Microsoft Exchange Server in March.
After assessing the breach, the company’s Threat Intelligence Center concluded with “high confidence” the attack had originated in China, from the sophisticated Chinese hacking group Hafnium, according to the Washington Examiner.
This group is said to have ties to the Chinese Communist Party. Outside cybersecurity experts agreed with Microsoft’s findings.
On May 12, President Joe Biden signed an executive order “to improve the nation’s cybersecurity and protect federal government networks.” According to the White House fact sheet, “recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals.”
The Examiner’s Jerry Dunleavy finds it very strange that the Biden administration has yet to acknowledge publicly that China is likely behind the cyberattack on the Microsoft Exchange Server. He pointed out that in April, the administration formally blamed the massive SolarWinds attack on Russia’s SVR, the country’s foreign intelligence service, in a White House fact sheet.
Biden openly attributed the recent Colonial Pipeline ransomware attack to a hacker group called DarkSide, which operates out of Russia.
That’s why the refusal of Biden administration officials and agencies to name China as the source of the attack on the Microsoft Exchange Server strikes Dunleavy, and many of us, as odd.